Managing access in a software provisioning environment

US 9,111,118 B2
Filed: 08/29/2008
Issued: 08/18/2015
Est. Priority Date: 08/29/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

assigning, by a processor, each user of a set of users to a set of user actions available to be performed by the user, wherein the set of user actions comprises at least one of configuring a provisioning server, modifying a provisioning object in the provisioning server, creating a provisioning object in the provisioning server, or accessing a provisioning process by the provisioning server, and wherein each user of the set of users is granted access limited to the assigned set of user actions available to be performed by the user;

maintaining a plurality of user-specific records each comprising information identifying a user, a target machine associated with the user, and the set of user actions assigned to the user, wherein the information identifying the user comprises a user name and authentication key associated with the user;

receiving, by the processor, a request from a first user to perform a selected user action related to a software provisioning environment;

verifying that the selected user action is available to be performed by the first user in view of a user-specific record associated with the first user; and

enabling, by the processor, the selected user action when the first user is assigned the selected user action.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A provisioning server can be configured to associate user actions with users that have access to perform the associated user actions. The user actions can include any user action performed within or by the provisioning server, such as configuring the provisioning server, modifying provisioning objects in the provisioning server, accessing provisioning processes by the provisioning server, and the like. The association can be based on the identity of the users or a type of user (administrator, client, guest, etc.). Once a request is received for a particular user action, the provisioning server can be configured to enable the requested action if the requested action is associated with the requesting user.

192 Citations

12 Claims

1. A method comprising:
- assigning, by a processor, each user of a set of users to a set of user actions available to be performed by the user, wherein the set of user actions comprises at least one of configuring a provisioning server, modifying a provisioning object in the provisioning server, creating a provisioning object in the provisioning server, or accessing a provisioning process by the provisioning server, and wherein each user of the set of users is granted access limited to the assigned set of user actions available to be performed by the user;
  
  maintaining a plurality of user-specific records each comprising information identifying a user, a target machine associated with the user, and the set of user actions assigned to the user, wherein the information identifying the user comprises a user name and authentication key associated with the user;
  
  receiving, by the processor, a request from a first user to perform a selected user action related to a software provisioning environment;
  
  verifying that the selected user action is available to be performed by the first user in view of a user-specific record associated with the first user; and
  
  enabling, by the processor, the selected user action when the first user is assigned the selected user action.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - providing a network user interface to receive the request.
  - 3. The method of claim 1, wherein assigning each user to the set of user actions available to be performed by the user, comprises:
    - assigning, by the processor, each user with the set of user actions available to be performed by the user in view of at least one of the identity of each user or a type of each user.
  - 4. The method of claim 1, further comprising:
    - authenticating, by the processor, an identity received from the first user.

5. A system comprising:
- a memory to store instructions; and
  
  a processor operatively coupled to the memory, the processor to execute the instructions to;
  
  assign each user of the set of users with a set of user actions available to be performed by the user, wherein the set of user actions comprises at least one of configuring a provisioning server, modifying a provisioning object in the provisioning server, creating a provisioning object in the provisioning server, or accessing a provisioning process by the provisioning server, and wherein each user of the set of users is granted access limited to the associated set of user actions available to be performed by the user;
  
  maintain a plurality of user-specific records each comprising information identifying a user, a target machine associated with the user, and the set of user actions assigned to the user, wherein the information identifying the user comprises a user name and authentication key associated with the user;
  
  receive a request from a first user to perform a selected user action related to a software provisioning environment;
  
  verify that the selected user action is available to be performed by the first user in view of a user-specific record associated with the first user; and
  
  enable the selected user action when the user is assigned the selected user action.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 5, the processor to:
    - provide a network user interface to receive the request.
  - 7. The system of claim 5, wherein to associate each user with the set of user actions, the processor is to:
    - associate each user with the set of user actions available to be performed by the user in view of at least one of the identity of each user or a type of each user.
  - 8. The system of claim 5, the processor to:
    - authenticate an identity received from the first user.

9. A non-transitory computer readable medium comprising instructions that, when executed by a processor, cause the processor to:
- assign, by the processor, each user of the set of users with a set of user actions available to be performed by the user, wherein the set of user actions comprises at least one of configuring a provisioning server, modifying a provisioning object in the provisioning server, creating a provisioning object in the provisioning server, or accessing a provisioning process by the provisioning server, and wherein each user of the set of users is granted access limited to the associated set of user actions available to be performed by the user;
  
  maintain a plurality of user-specific records each comprising information identifying a user, a target machine associated with the user, and the set of user actions assigned to the user, wherein the information identifying the user comprises a user name and authentication key associated with the user;
  
  receive a request from a first user to perform a selected user action related to a software provisioning environment;
  
  verify that the selected user action is available to be performed by the first user in view of a user-specific record associated with the first user; and
  
  enable the selected user action when the user is assigned the selected user action.
- View Dependent Claims (10, 11, 12)
- - 10. The non-transitory computer readable medium of claim 9, the processor to provide a network user interface to receive the request.
  - 11. The non-transitory computer readable medium of claim 9, the processor to:
    - assign each user to the set of user actions available to be performed by the user in view of at least one of the identity of each user or a type of each user.
  - 12. The non-transitory computer readable medium of claim 9, the processor to:
    - authenticate an identity received from the first user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
DeHaan, Michael Paul
Primary Examiner(s)
SHOLEMAN, ABU S

Application Number

US12/201,832
Publication Number

US 20100058444A1
Time in Patent Office

2,545 Days
Field of Search

726/4, 726 27- 28, 717168-178, 709220-222
US Class Current

1/1
CPC Class Codes

G06F 21/629 to features or functions of...

H04L 63/102 Entity profiles

Managing access in a software provisioning environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

192 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Managing access in a software provisioning environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

192 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links